> Dear All,
>
> I was wondering if anyone has any standard rules and policies which can be
> instantly deployed & added to Arcsight ESM for monitoring Windows, UNIX,
> database and network devices. I understand the rules vary and are specific to
> the OS and n/w devices. We have to setup the rules and commission Arcsight in
> our company. If anyone has prior hands-on using Arcsight or if you have any
> literature, please share. Also, if you have any docs on how to setup rules
> on Tripwire tool for file integrity checking please share the information.
> Thank you in advance.
>

Arcsight is an expensive product. Surely you got training and access to docs
with your licenses? If you're just now deploying, Arcsight should be assisting
you with that - especially your salesperson.

--
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
*******************************************
Check the headers before clicking on Reply.